Hopefully this will be my last question on this script. How do I get it to verify the username is valid It does it now, but if I have a valid username and an invalid PW I still get an invalid username error. I thought in line 8 I was grabbing the name column and if a name doesn't match get an invalid username msg, and than exit.
Hopefully this will be the last question I have on this thing
you can check it out here
http://www.kx9.net/login.php
the pw/un in the DB are
un:wer
pw:wer
<?php
$conn = mysql_connect("localhost", "xxxxxx", "xxxxxx");
mysql_select_db("xxxxxxx_login", $conn);
$uname = $_POST['name'];
$upass = $_POST['password'];
if (!empty($uname) && !empty($upass)) {
$sql1 = "select name from logins";
$unamecheck = mysql_query($sql1) or die (mysql_error());
if ($unamecheck != $uname){
echo "Invalid username";
exit;}
$sql = "select name, password from logins where name = '$uname'";
$result = mysql_query($sql) or die (mysql_error());
extract(mysql_fetch_assoc($result));
if ($password == $_POST["password"]) {
header ("Location: <a href='http://www.jza2000.com/");' target='_blank'>http://www.jza2000.com/");</a>
} else {
echo "You entered an invalid password, please double check and try again";
}}
elseif (empty($uname) or empty($upass)) {
echo "You left a field blank.";
}
?>
Hopefully this will be the last question I have on this thing
you can check it out here
http://www.kx9.net/login.php
the pw/un in the DB are
un:wer
pw:wer
<?php
$conn = mysql_connect("localhost", "xxxxxx", "xxxxxx");
mysql_select_db("xxxxxxx_login", $conn);
$uname = $_POST['name'];
$upass = $_POST['password'];
if (!empty($uname) && !empty($upass)) {
$sql1 = "select name from logins";
$unamecheck = mysql_query($sql1) or die (mysql_error());
if ($unamecheck != $uname){
echo "Invalid username";
exit;}
$sql = "select name, password from logins where name = '$uname'";
$result = mysql_query($sql) or die (mysql_error());
extract(mysql_fetch_assoc($result));
if ($password == $_POST["password"]) {
header ("Location: <a href='http://www.jza2000.com/");' target='_blank'>http://www.jza2000.com/");</a>
} else {
echo "You entered an invalid password, please double check and try again";
}}
elseif (empty($uname) or empty($upass)) {
echo "You left a field blank.";
}
?>